Home » Privacy and cookie statement

Privacy and Cookie Statement

This privacy and cookie statement was most recently revised on May 5 2023.

Duppal complies with the European Union’s General Data Protection Regulation (GDPR). Accordingly, for all processing activities we are required to inform you under which basis we handle personal data.

This privacy and cookie statement is to inform you about how and when we process your personal data, online and offline. Personal data means any information relating to you as a natural person
that may be used to identify, contact, or locate you as an individual. Please read this privacy and cookie statement carefully to have a clear understanding of how we collect, use, protect or otherwise handle personal data on all our services.

1.Who we are and what we do

Duppal is a private company with limited liability (B.V.), that provides collaboration solutions as a reseller or in a consultancy role. Duppal cooperates with multiple vendors around the world to provide its services to customers nationally and internationally.

Contact information

Duppal B.V.
De Entree 234 / Unit 5.07
1101 EE, Amsterdam, The Netherlands

Tel: +31 (0)85 13 02 215
Email: info@duppal.com
KvK: 56211341

2. For what purposes do we process your personal data

We obtain various personal data from you. We specify for each purpose what data we obtain from you, for what purpose we process these data and for how long they are stored. If you have any
questions or would like to know exactly what information we store about you, please contact us. Our contact details are mentioned above.

Contact and complaint handling

When you send us an email, fill in the contact form on the website, contact us by telephone, or contact us in any other way, you accept our offer to contact us (performance of the contract).

 For this purpose, we process the following personal data:

• Name
• Business information (if you contact us from a business perspective)
• Contact details (email address and telephone number)
• Any information you provide as part of the content of a message

We store your data for the purpose of contacting you and handling your complaint if necessary. We keep this information for as long as necessary for this contact or up to 2 years after we last had contact with you, because we want to make sure we have handled your question or complaint properly.

Customer cases

On our website we present several customer cases about our products and services. In this way we try to give you a complete impression of our products and services and how our customers evaluate their use in practice. We process data on the basis of consent from the reviewers. This consent can easily be revoked again at any time by contacting us via the contact details found at the top of this privacy and cookie statement.

For this purpose, we process the following data:

• Name of the reviewer
• Name of the organization where the reviewer works
• Any personal data such as the content of the customer case

We need these data to review the customer case and to process it on the website. We keep the data until you withdraw your consent to publish the customer case.

Request forms

We offer several online forms where we will ask you to enter data, namely when requesting webinars and downloads for whitepapers.

For these, we need the following personal data:

• Name
• Company name (if applicable)
• Business email address
• Phone number

We need these data to process your request, because you have asked us to contact you about one of our services (performance of contract). We retain this information for up to two years or until you have indicated that you no longer wish to receive communications.

Delivering our services and products

In case you decide to purchase our services or products, we may require data from you. We use these data because of the legitimate interest we have, to be able to perform the contract we enter into with your organization and to maintain the relationship resulting from it.

For this purpose, we process the following data:

• Contact name
• Company name
• Business contact details (email address and phone number)

We retain your data up until 2 years after we have stopped providing our products or services to your organization. We may store financial data longer if we are legally obliged to do so (e.g. because of the tax retention obligation of 7 years).

Working at Duppal

If you apply for one of our job openings or submit an open application, we process your personal data for the purpose of handling your application and in preparation for a possible employment contract.

For this purpose, we process the following personal data:

• Name and address details
• Contact details (email address and telephone number)
• Curriculum Vitae
• Motivation letter
• Salary requirements, if any
• References, if any
• Any other information you provide with your application

Your application details are stored for a maximum of 6 weeks after the position has been filled. We store this information so that we can contact you should the position become vacant again within the probationary period. If we are unable to offer you a position at this time, we may – with your consent – keep the application data for one more year. You can revoke your consent at any time by sending us an email. We will store your application data in your personnel file should you decide to work for us. This file will be stored for as long as necessary, and the application data will be kept for a maximum of 2 years after entering into employment.

A social media and internet screening can be part of the application procedure. This is necessary for us to preserve our image when hiring new staff; we do this on a legitimate interest basis. We will do a search of your name on Google and any profile you may have on various social media. This applies, of course, insofar as these profiles are public. We will not ask you to grant us access to a private social media page or to accept a request from us. The results of the screening will be discussed with you. Should you have any objections to this, you can inform us by email at the time of your application.

3. Who do we share your personal data with?

Duppal does not share your personal data with third parties unless this is necessary for the provision of services (i.e. for delivering of services, storage of data), or if Duppal is legally obliged
to do so.

In order to deliver our services, we may sometimes share data with other parties to deliver the best experience possible for you. Duppal works with: Cisco (www.cisco.com), Pexip (www.pexip.com) and Zoom (www.zoom.us). These companies have their own privacy policy and we advise you to check their website and read their privacy policies.

If these partners act as processor for us, we are the controller of the data, and they are contractually bound with a data processing agreement, in order to ensure that your personal data
benefits from the same levels of protection as they have when handled directly by us.

We may share data with third-party services providers, companies who provide essential services for delivering our services to our customers.

Third parties processing personal data on our behalf or yours:

• IT suppliers and service providers
• Hosting party
• Cookie service providers
• Payment service providers and collection agencies
• Partner companies

Some of these companies operate and store data outside the EU. If we use these third-party service providers, we will make sure that there is an appropriate level of protection for the processing of personal data. In the case of transfers of personal data to third parties that are located in a country that is not subject to an adequacy decision by the European Commission, Duppal will only transfer personal data to third parties provided that there are contractual arrangements with them to ensure that processing of personal data is consistent with the obligations set out in the GDPR.

4. Safety and Storage

Duppal has taken appropriate security measures to limit abuse of and unauthorized access to personal data. Personal data are stored in a secure environment, access to this is protected and only authorized persons have access, following our security policy.

Duppal has appointed a reasonably limited number of persons charged with the processing of personal data and authorized to access the personal data. These employees will be explicitly entitled only to perform the operations necessary to fulfil the obligations of customer agreements.

Duppal has a role-based access structure in place, which means that access accounts are created per role. This allows Duppal to limit the access to critical (customer) data.

5. Social media buttons

We use social media buttons on our website that redirect you to the relevant social media platforms. This gives you the option to follow us and share content. You will also see advertisements on your social media page. The buttons operate through bits of code provided by the social media networks. If you want to know what the social media platforms do with your personal data, please read the relevant privacy statement:

• Twitter (Privacy Statement)
• LinkedIn (Privacy Statement)

6. Cookies

Our website uses first-party and third-party cookies. Cookies are small data files that can be automatically stored on or read from the visitor’s device (such as PC, tablet or smartphone) when visiting a website. This is done via the web browser on the device.

We use the following types of cookies:

Functional cookies: these cookies have a functional role within the website. The cookies ensure that the website functions properly.
Analytical cookies: these cookies give us insight into how our website is used. Based on this information, we can make our website more user-friendly.
Marketing cookies: these cookies make it possible to show you personalised advertisements (via our advertising partners).

The cookies may collect the following data from you, among others:

• Name
• Screen display options
• IP address
• Cookie ID
• Website and click behaviour
• Referrer URL

On your first visit to our website, we will display a message explaining how cookies are used. We will ask for your consent for the use of cookies to the extent we are required to do so.

The list of the cookies we use is shown in the overview below.


list of cookies
list of cookies

Enabling and disabling cookies

You can set your web browser to only accept cookies with your consent. Consult your browser guide for more information. Please note that many websites will not function optimally when cookies are disabled.

Deleting cookies

Most cookies have an expiry date. When an expiry date is set, the cookie is automatically deleted once that date passes. You can also choose to delete the cookies manually before the expiry date. Please consult your browser guide for more information. Below, you will find a link to the provider’s website for each browser, which provides step-by-step instructions on how to block or delete cookies.
• Google Chrome
• Firefox
• Edge
• Safari


7. Your rights: view, correct or delete personal data

You can always contact us if you have any questions regarding our privacy and cookie statement. Besides that, you have the following rights regarding your personal data:

• Right of access: you have the right to access the personal data we process about you.
• Right to rectification: you have the right to correct or supplement the personal data we process about you, e.g., if they are incorrect or incomplete.
• Right to object: you have the right to object to the processing of your personal data.
• Right to erasure: you may request us to erase your personal data.
• Right to withdraw your consent: if you have consented to us processing personal data, you can withdraw your consent at any time.
• Right to data portability: if it is technologically possible, you have the right to have the personal data we process about you transferred to a third party.
• Right to restrict processing: in some cases, you can request that we restrict the processing of your personal data (temporarily or otherwise).

We may ask you for identification to fulfil your request. We require this information to ensure that the requested personal data belongs to the right person. We will generally comply with your request within one month. However, this period may be extended by two months depending on the specific privacy rights or the complexity of the request.

If we extend this period, we will inform you in good time. If you wish to exercise any of your rights, you can do so by sending an email to info@duppal.com.

7. Complaints

In the event of a complaint about the processing of personal data by Duppal, you can contact us at the address, telephone number or email address mentioned above. If we do not resolve the
complaint satisfactory, there is always the possibility to submit a complaint to the Dutch Data Protection Authority (www.autoriteitpersoonsgegevens.nl).

8. Changes to this privacy and cookie statement

When there is a change in our services, we will also need to change our privacy and cookie statement. Please consult this privacy and cookie statement regularly for the most up-to-date information.